Home Administrative Billing & Reimbursement BlueCard® Health and Wellness Medical PEAR portal Pharmacy Products Quality Management

Roles and responsibilities of a NaviNet® Security Officer

April 29, 2016

We continue to introduce new transactions and functionality through the NaviNet web portal that offer you increased access to patient-specific clinical and financial information. As such, we want to remind you of the importance of the role and responsibility of your designated NaviNet Security Officer.

What is a NaviNet Security Officer?

The NaviNet Security Officer is your office?s primary contact with NaviNet regarding security issues with the portal. NaviNet-enabled offices must have at least one NaviNet Security Officer designated. The Security Officer also interacts with NaviNet users in your office and with NaviNet Customer Support to ensure that users are getting the most out of NaviNet.

The Health Insurance Portability and Accountability Act (HIPAA) mandates that each provider office designate a Security Officer to be aware of the electronic storage and transmission of patient information within and from your office. This person can also take the role of the NaviNet Security Officer.

Why does NaviNet require Security Officers?

NaviNet is not like a general public website (e.g., Amazon or eBay) where anyone can elect to register themselves for access. NaviNet retrieves patient-specific information from health plans that providers are required to protect under HIPAA. NaviNet users must have a specific, legitimate reason to access this information, and NaviNet verifies that each office is an actual provider. Each office is responsible for setting their own user accounts, and the Security Officer is the individual who has the authority to create those user accounts on behalf of the office.

What are the roles and responsibilities of a NaviNet Security Officer?

A NaviNet Security Officer is responsible for making sure that NaviNet is used in a HIPAA-compliant way. He or she is also responsible for configuring providers, users, and permissions so the office can use NaviNet effectively as well as efficiently.

To fulfill these responsibilities, the Security Officer undertakes several special tasks, including:

  • ensuring that every staff member who accesses NaviNet has his or her own unique user name and password;
  • ensuring that user names and passwords are not shared with anyone else in the office;
  • adding, reactivating, deactivating, and terminating NaviNet users in the office, when appropriate;
  • resetting user passwords for staff members who forget their passwords and/or the answers to their challenge and response questions;
  • changing the amount of time before NaviNet automatically logs off from an inactive session;
  • notifying NaviNet if someone else takes on the Security Officer role for the office;
  • setting transaction permissions for individual users;
  • making sure the office is registered to all applicable health plans;
  • making sure the office has the right tax ID numbers, groups, and providers available for NaviNet transactions.

Who in your office should be the NaviNet Security Officer?

Your office management should select at least one user who takes on the NaviNet Security Officer role. He or she should be a trusted individual, as he or she will be giving other users access to protected health information. Typically, NaviNet Security Officers are office supervisors, lead administrators, experienced NaviNet users, or members from IT or the Privacy/Security department.

You may consider having two Security Officers designated, with one as backup, especially if you are in a larger office. We also recommend that NaviNet Security Officers use NaviNet on a regular basis in order to be able to provide the appropriate support to users in the office.

For more detailed information on common Security Officer tasks, as well as best practices, please select Help at the top of NaviNet Plan Central and then the Security Officers tab.

NaviNet is a registered trademark of NaviNet, Inc., an independent company.


This content was prepared for the Provider News Center and may not be reproduced in any way without the express written permission of Independence Blue Cross. Independence Blue Cross is an independent licensee of the Blue Cross and Blue Shield Association.
Connect with us     Facebook     Twitter     Flickr     YouTube     Walk the Talk    Independence Pinterest    Independence LinkedIn    Independence Instagram Site Map        Anti-Fraud        Privacy Policy        Legal        Disclaimer
© 2023 Independence Blue Cross.
Independence Blue Cross is an independent licensee of the Blue Cross and Blue Shield Association, serving the health insurance needs of Philadelphia and southeastern Pennsylvania.